AI Security Review
scanned 7d ago · by lpm-firewall-aiNo confirmed malicious attack surface. The sensitive behavior is a user-invoked Claude Code installer for SpecShip MCP integration, aligned with the package purpose and not triggered by npm lifecycle or import.
Decision evidence
public snapshot- package.json has no lifecycle scripts; top-level package only ships node/lib/bin.
- bin/specship execs bundled Mach-O node with lib/dist/bin/specship.js and user args.
- lib/dist/bin/specship.js runs installer only when user invokes specship with no args; install is an explicit CLI command.
- lib/dist/installer/targets/claude.js writes Claude MCP/settings/hooks/commands during user-invoked install, not install-time import.
- lib/dist/installer/index.js npm install -g prompt is interactive and package-aligned PATH setup, skipped with --yes.
- new Function in installer is limited to dynamic import helper for ESM prompts.
Source & flagged code
9 flagged · loading sourcePackage source references child process execution.
lib/dist/health/smoke-check.jsView on unpkg · L56Package source references dynamic require/import behavior.
lib/dist/ui/shimmer-worker.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
lib/dist/designer/cdp-ensure.jsView on unpkg · L9Package source invokes a package manager install command at runtime.
lib/dist/installer/index.jsView on unpkg · L123Package ships WebAssembly modules.
lib/dist/extraction/wasm/tree-sitter-scala.wasmView on unpkgPackage contains source files above the static scanner size ceiling.
lib/dist/web/chunk-JTFXTIPE.jsView on unpkgThis package version adds a dangerous source file absent from the previous stored version.
lib/dist/installer/targets/claude.jsView on unpkg